From 50485943200a0f04b557292f89df7b2829a603da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Van=20Der=20Biest?=
 <francois.vanderbiest@camptocamp.com>
Date: Fri, 28 Jul 2017 12:29:18 +0200
Subject: [PATCH 1/3] Get config from env vars if no config.json

---
 README.rst  |  4 +++-
 webhooks.py | 34 +++++++++++++++++++++++++---------
 2 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/README.rst b/README.rst
index 54bfe66..a0f859f 100644
--- a/README.rst
+++ b/README.rst
@@ -152,7 +152,9 @@ with the following command:
 
     git clone http://github.com/carlos-jenkins/python-github-webhooks.git
     docker build -t carlos-jenkins/python-github-webhooks python-github-webhooks
-    docker run -d --name webhooks -p 5000:5000 carlos-jenkins/python-github-webhooks
+    docker run -d --name webhooks -e WEBHOOKS_GITHUB_IPS_ONLY=False -p 5000:5000 \
+      carlos-jenkins/python-github-webhooks
+
 
 You can also mount volume to setup the ``hooks/`` directory, and the file
 ``config.json``:
diff --git a/webhooks.py b/webhooks.py
index ef9d70c..2a02f28 100644
--- a/webhooks.py
+++ b/webhooks.py
@@ -24,7 +24,7 @@
 from json import loads, dumps
 from subprocess import Popen, PIPE
 from tempfile import mkstemp
-from os import access, X_OK, remove, fdopen
+from os import access, X_OK, remove, fdopen, environ
 from os.path import isfile, abspath, normpath, dirname, join, basename
 
 import requests
@@ -34,6 +34,15 @@
 
 application = Flask(__name__)
 
+def env_var(key, default=None):
+    val = environ.get(key, default)
+    if val == 'True':
+        val = True
+    elif val == 'False':
+        val = False
+    elif val == 'None':
+        val = None
+    return val
 
 @application.route('/', methods=['GET', 'POST'])
 def index():
@@ -47,14 +56,23 @@ def index():
     if request.method != 'POST':
         abort(501)
 
-    # Load config
-    with open(join(path, 'config.json'), 'r') as cfg:
-        config = loads(cfg.read())
-
-    hooks = config.get('hooks_path', join(path, 'hooks'))
+    # Load config from file
+    try:
+        with open(join(path, 'config.json'), 'r') as cfg:
+            config = loads(cfg.read())
+            hooks = config.get('hooks_path', join(path, 'hooks'))
+            github_ips_only = config.get('github_ips_only', True)
+            secret = config.get('enforce_secret', '')
+            info = config.get('return_scripts_info', False)
+    # ... or from ENV vars
+    except Exception:
+        hooks = env_var('WEBHOOKS_HOOKS_PATH', join(path, 'hooks'))
+        github_ips_only = env_var('WEBHOOKS_GITHUB_IPS_ONLY', True)
+        secret = env_var('WEBHOOKS_ENFORCE_SECRET', '')
+        info = env_var('WEBHOOKS_RETURN_SCRIPTS_INFO', False)
 
     # Allow Github IPs only
-    if config.get('github_ips_only', True):
+    if github_ips_only:
         src_ip = ip_address(
             u'{}'.format(request.remote_addr)  # Fix stupid ipaddress issue
         )
@@ -67,7 +85,6 @@ def index():
             abort(403)
 
     # Enforce secret
-    secret = config.get('enforce_secret', '')
     if secret:
         # Only SHA1 is supported
         header_signature = request.headers.get('X-Hub-Signature')
@@ -190,7 +207,6 @@ def index():
     # Remove temporal file
     remove(tmpfile)
 
-    info = config.get('return_scripts_info', False)
     if not info:
         return dumps({'status': 'done'})
 

From 2b25ff3d9237289679ec2c7a78be721c63ac62bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Van=20Der=20Biest?=
 <francois.vanderbiest@gmail.com>
Date: Fri, 28 Jul 2017 23:29:04 +0200
Subject: [PATCH 2/3] remove volume for config.json file

---
 README.rst | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/README.rst b/README.rst
index a0f859f..d50b323 100644
--- a/README.rst
+++ b/README.rst
@@ -156,14 +156,12 @@ with the following command:
       carlos-jenkins/python-github-webhooks
 
 
-You can also mount volume to setup the ``hooks/`` directory, and the file
-``config.json``:
+You can also mount a volume to setup the ``hooks/`` directory:
 
 ::
 
     docker run -d --name webhooks \
       -v /path/to/my/hooks:/src/hooks \
-      -v /path/to/my/config.json:/src/config.json \
       -p 5000:5000 python-github-webhooks
 
 

From 92cb4d98c9237e031ef077593054c4d44cdc16d9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Van=20Der=20Biest?=
 <francois.vanderbiest@camptocamp.com>
Date: Mon, 31 Jul 2017 15:04:31 +0200
Subject: [PATCH 3/3] document env vars

---
 README.rst | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/README.rst b/README.rst
index d50b323..4b58690 100644
--- a/README.rst
+++ b/README.rst
@@ -152,7 +152,12 @@ with the following command:
 
     git clone http://github.com/carlos-jenkins/python-github-webhooks.git
     docker build -t carlos-jenkins/python-github-webhooks python-github-webhooks
-    docker run -d --name webhooks -e WEBHOOKS_GITHUB_IPS_ONLY=False -p 5000:5000 \
+    docker run -d --name webhooks \
+      -e WEBHOOKS_GITHUB_IPS_ONLY=False \
+      -e WEBHOOKS_HOOKS_PATH=/src/hooks \
+      -e WEBHOOKS_ENFORCE_SECRET='' \
+      -e WEBHOOKS_RETURN_SCRIPTS_INFO=True \
+      -p 5000:5000 \
       carlos-jenkins/python-github-webhooks